Michigan - MPDPA (Michigan Personal Data Privacy Act)

What is MPDDA? How stay compliant with this?

The Michigan Personal Data Privacy Act is a proposed legislation designed to establish privacy rights for consumers in Michigan. It introduces specific requirements for entities regarding the handling and sale of personal data.

Initially introduced in September 2022, the bill is not yet in effect, and its future remains uncertain. In this article, we'll explore ways to safeguard your interests in anticipation of its potential implementation.

Once approved, the MPDPA would impact any profit-driven company that gathers data on Michigan residents, meeting one of two conditions: either collecting or processing personal data from over 100,000 consumers or controlling/processing data from over 25,000 consumers while deriving 50% of its gross revenue from personal data sales.

If passed, this legislation could be one of the strictest in the nation, as it covers all forms of personal data processing, not just sensitive information.

If you want to know more about the different regulations you can access our article "Laws and regulations for each region"

Do i need a cookie banner to comply with this?

While the rules regarding privacy consent are not clear, everything would suggest that the website should obtain explicit user consent. Therefore, we recommend integrating an Opt-in Consent as follows:

• Include a Button to Accept Cookies: The text in the cookie banner and the button must make it clear that by clicking the button the user agrees to the deployment of cookies.
  
• Include a Button to Reject Cookies: Although it does not specifically clarify a button as in other cases, we must provide an opt-out option that “takes effect immediately and is consistent.”
• Provide Detailed Information About Cookie Use: The cookie banner should contain information about why the website uses cookies. For example, does it collect data for analytics, advertising, or social media purposes?
• Alert the User if the Website Shares Data with Third Parties: If the website shares the data collected through cookies with third parties the cookie banner should explain this.
• Link to the Website’s Cookie Policy: Here the website will provide further information about the cookies in use on the site, including a list of all the cookies.
• Include a Link to the Cookie Settings: This isn’t required under GDPR as long as users have the choice to reject all cookies. However, it does have the benefit of allowing users who would otherwise reject all cookies to permit some forms of data collection. 

Observations: With illow´s GLOBAL banner, your site will be ready to comply with this regulation.

If you want to know the different types of banner cookies that you can find on our platform, access our article "Types of banners you will find on our platform"